PrepAway - Latest Free Exam Questions & Answers

Which of the following are functions that are compatible in a properly segregated environment?

A. Security administration and quality assurance

B. Security administration and data entry

C. Security administration and application programming

D. Application programming and data entry

Explanation:
Security Administration and Quality Assurance are the most similar tasks.

Administrative Management: Administrative management is a very important piece of operational security. One aspect of administrative management is dealing with personnel issues. This includes separation of duties and job rotation. The objective of separation of duties is to ensure that one person acting alone cannot compromise the company’s security in any way. High-risk activities should be broken up into different parts and distributed to different individuals. This way the company does not need to place a dangerously high level of trust in certain individuals, and if fraud were to take place, collusion would need to be committed, meaning more than one person would have to be involved in the fraudulent activity.

Separation of duties also helps to prevent many different types of mistakes that can take place if one person is performing a task from the beginning to the end. For instance, a programmer should not be the one to test her own code. A different person with a different job and agenda should perform functionality and integrity testing on the programmer’s code, because the programmer may have a focused view of what the program is supposed to accomplish and only test certain functions and input values, and only in certain environments.

Another example of separation of duties is the difference between the functions of a computer operator and the functions of a system administrator. There must be clear-cut lines drawn between system administrator duties and computer operator duties. This will vary from environment to environment and will depend on the level of security required within the environment. The system administrators are usually responsible for performing backups and recovery procedures, setting permissions, adding and removing users, setting user clearance, and developing user profiles. The computer operator, on the other hand, may be allowed to install software, set an initial password, alter desktop configurations, and modify certain system parameters. The computer operator should not be able to modify her own security profile, add and remove users globally, or set user security clearance. This would breach the concept of separation of duties.

Pg 808-809 Shon Harris: All-In-One CISSP Certification